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I. REAL PARTY IN INTEREST 

The real party in interest is Sun Microsystems, Inc., a corporation organized and 
existing under and by virtue of the laws of the State of Delaware, and having its principal 
place of business at 4150 Network Circle, Santa Clara, CA 95054. 

II. RELATED APPEALS AND INTERFERENCES 

No other appeals, interferences or judicial proceedings are known which would be 
related to, directly affect or be directly affected by or have a bearing on the Board's 
decision in this appeal. 

III. STATUS OF CLAIMS 

Claims 1-4, 6-12 and 14-33 stand finally rejected. The rejection of claims 1-4, 6- 
12 and 14-33 is being appealed. A copy of claims 1-4, 6-12 and 14-33 is included in the 
Claims Appendix herein below. 

IV. STATUS OF AMENDMENTS 

No amendments to the claims have been submitted subsequent to the final 
rejection. Please note that the Advisory Action of October 13, 2005 erroneously 
indicates that proposed amendments will be entered; however, no amendments were 
proposed subsequent the final rejection. 

V. SUMMARY OF CLAIMED SUBJECT MATTER 

Independent claim 1 is directed to a system for managing information including a 
software program stored on a computer-readable medium operable to maintain an identity 
index that includes a virtual identity. The virtual identity recited in claim 1 includes a 
plurality of information object identifiers each corresponding to a respective information 
object. For example, in some embodiments, the software program may be operable to 
associate one or more uses with information objects that define the user. Thus, the 
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software program may maintain a "virtual identity" for each user where the virtual 
identity includes a list of information objects associated with the user. See, e.g., FIG 1-4 
and paragraphs 12, 24, 27-29, 31, 33, 38 and 43. 

An identity index may store information mapping information objects describing 
a particular user to that user. An identity index may include a number of virtual 
identities. According to one embodiment, an administrative system may include a 
management system that maintains an identity index associating users with information 
objects and resources. An information object may be a collection of individual pieces of 
data that represent a single entity or identity, such as a user. For example, a single user 
may have different accounts on different types of systems and an identity index may 
maintain information regarding those accounts and associate the information objects (i.e. 
account information) with a single logical name that represents the virtual identity of the 
user. Alternatively, in another embodiment, an identity index may associate routing 
tables on various servers with a particular network element. Thus, the identity index may 
maintain and associate disparate information regarding a single entity or identity. An 
identity index may be maintained using any of various data storage schemes, such as 
sequential files, indexed files, LDAP directories, or relational databases. In various 
embodiments, a virtual identity may be maintained for human users, a programmatic 
entity or a computer system that uses resources. See, e.g., FIG 1-4; paragraphs 12, 24, 27, 
28, 30, 32, 33-36, 38, 44 and 48-50. 

The virtual identity also includes, for each information object, a resource name 
identifying a resource at which the respective information object is located, where the 
resource name is associated with the respective information object identifier. The virtual 
identity also include a resource definition corresponding to each respective named 
resource, where the resource definition also includes connection information. The 
resource may be a system or an application accessible via a network that defines 
information objects. For example, a Unix system, a Windows system, or a database 
system may each be a resource that defines accounts as information objects. A resource 
may include a particular computer system, either distributed or not, an application on a 
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computer system, or an application distributed across multiple computer systems, 
according to different embodiments. Each resource may define information objects 
related to the management or configuration of an associated resource. Resource 
accounts, or information objects, may represent each resource's view of the associated 
identity. In other words, each resource definition may represent the user within the scope 
of the resource. See, e.g., FIG 1-4; paragraphs 12-14, 27, 29, 34, 37, 39, 40, 44 and 47-50. 

For example, one embodiment of an identity index is illustrated in Appellant's 
FIG. 3. The identity index includes a virtual identity (e.g., 312). The virtual identity 
includes multiple of information object identifiers (e.g., 350) each corresponding to a 
respective information object (e.g., 342, 344 and 346). The virtual identity also includes, 
for each information object, a resource name (e.g., ResoOl, Reso02 (353) and Reso03) 
identifying a resource (210, 212 and 214) at which the respective information object is 
located, wherein the resource name is associated with the respective information object 
identifier (e.g., JANE_D, janed (352) or JaneD). The identity index further includes and 
resource definitions (e.g., 360, 362 and 364), each of which includes connection 
information (e.g., 368). Thus, as illustrated by FIG. 3, a single virtual identity may 
include information objects that represent the virtual identity, such as on different 
resources or systems. 

Independent claim 20 is directed to a system for managing information similar to 
that recited in claim 1, discussed above. Similarly to the system recited by claim 1, the 
system recited in claim 20 includes a software program stored on a computer readable 
medium operable to maintain an identity index. The identity index of claim 20 includes 
multiple virtual identities and each virtual identity corresponds to a user. Additionally, 
each virtual identity of claim 20 includes a plurality of information object identifiers, 
each corresponding to a respective information object. As with claim 1, discussed above, 
each virtual identity also includes multiple of resource names, each associated with an 
information object identifier and corresponding to a resource at which the information 
object corresponding to the associated information object identifier is located and may 
also include multiple resource definitions including a resource definition for each named 
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resource, where each resource definition includes connection information for the 
corresponding named resource. Please refer to the description of claim 1, above, for a 
more detailed discussion regarding identity indexes, virtual identities, information objects 
and resources. 

Independent claim 26 is directed to a method for managing information that 
includes storing an identity index including multiple information object identifiers 
corresponding to a set of information objects that define a user. The method of claim 26 
also includes associating a resource definition with each information object identifier, 
where each resource definition corresponds to a different one of multiple resources at 
which the information object corresponding to the associated information object identifier 
is located and where each resource definition contains connection information for the 
corresponding resource. Please refer to the description of claim 1, above, for a more 
detailed discussion regarding identity indexes, virtual identities, information objects and 
resources. 

VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

1. Claims 1-4, 6-12 and 14-33 stand finally rejected under 35 U.S.C. § 102(e) 
as being anticipated by Gwertzman et al. (U.S. Patent 6,189,000) (hereinafter 
"Gwertzman"). 

VII. ARGUMENT 

Claims 1-2, 4, 6-12 and 14-33 stand finally rejected under 35 U.S.C. § 102(e) as 
being anticipated by Gwertzman et al. (U.S. Patent 6,189,000) (hereinafter 
"Gwertzman"). Appellants traverse this rejection for at least the following reasons. 
Different groups of claims are addressed under their respective subheadings. 
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Claims 1-2, 4, 6, 8 -10. 12, 14-18 and 19 : 



Regarding claim 1, contrary to the Examiner's assertion, Gwertzman does not 
disclose an identity index that comprises a virtual identity that in turn comprises a 
plurality of information object identifiers each corresponding to a respective information 
object, and for each information object, a resource name identifying a resource at which 
the respective information object is located, wherein the resource name is associated with 
the respective information object identifier ; and wherein the identity index further 
comprises a resource definition corresponding to each respective named resource, 
wherein the resource definition further comprises connection information . 

As noted in the Summary above, Appellant's claimed invention pertains to a 
particular type of data structure, an identity index, for use in managing user information 
objects. One embodiment of an identity index is illustrated in Appellant's FIG. 3. The 
identity index includes a virtual identity (e.g., 312). The virtual identity includes a 
plurality of information object identifiers (e.g., 350) each corresponding to a respective 
information object (e.g., 342, 344 and 346). The virtual identity also includes, for each 
information object, a resource name (e.g., ResoOl, Reso02 (353) and Reso03) identifying 
a resource (210, 212 and 214) at which the respective information object is located, 
wherein the resource name is associated with the respective information object identifier 
(e.g., JANE_D, janed (352) or JaneD). The identity index further includes and resource 
definitions (e.g., 360, 362 and 364), each of which includes connection information (e.g., 
368). 

Gwertzman does not teach a data structure for an identity index as recited in 
Appellant's claims. In contrast, Gwertzman teaches "a storage-mechanism interface." 
In Gwertzman, "instead of having to indicate a path to the storage mechanism and the 
actual name of the data structure, the application developer needs only to call the data 
structure a logical name (e.g., 'foo') and the storage-mechanism interface takes care of 
properly locating and identifying the storage mechanism and the data structure (i.e., 
providing the actual name of the data structure)" (Gwertzman - col. 6, lines 59-65). 
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Gwertzman's storage-mechanism interface is a programmatic interface called by 
application developer code. An application developer using Gwertzman invention uses 
the logical name for a data structure and Gwertzman's storage-mechanism interface uses 
the logical name as an index to look up the full path name in a database. 

As noted above, Appellants' claim 1 recites an identity index in which a virtual 
identity is associated with multiple information objects and resources. Gwertzman does 
not teach the particular data structure of an identity index that comprises a virtual identity 
that includes a plurality of information object identifiers . In contrast, each of the entries 
in Gwertzman's database, which the Examiner equates to virtual identities, contains 
information regarding only a single logical name mapped to a single path name . 
Moreover, as noted above, Gwertzman system allows a developer to use a logical name 
rather than a full path or pathname to a data structure. Gwertzman's system does not 
include a data structure with multiple information objects associated with a logical name. 
Since, Gwertzman teaches that his system is intended to allow a developer to use a 
logical name instead of a full pathname to a data structure, it would not make since for 
Gwertzman's system to include multiple information objects and multiple resource 
locations for a logic name. 

The Examiner cites column 8, lines 28-30 and argues that Gwertzman's database 
entries may contain a plurality of information object identifiers. However, the cited 
passage is describing using the DepObject and DepProp fields of the configuration 
information in TABLE 1. Specifically, Gwertzman teaches that DepObject and DepProp 
fields may be used to "instantiate a second object using information obtained from a first, 
already instantiated object". Here Gwertzman is not describing anything about the 
entries in his database, which the Examiner equates to an identity index. Instead, 
Gwertzman is discussing a way to duplicate an already instantiated programming object, 
especially for use with grouping properties by cross-linking between two storage 
mechanisms (Gwertzman, column 8, lines 28-42). No mention is made, either at the 
Examiner's cited passages or elsewhere, regarding a virtual identity that comprises a 
plurality of information object identifiers each corresponding to a respective information 
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object, and for each information object, a resource name identifying a resource at which 
the respective information object is located, wherein the resource name is associated with 
the respective information object identifier; and wherein the identity index further 
comprises a resource definition corresponding to each respective named resource, 
wherein the resource definition further comprises connection information. 

In response to Appellant's arguments above, the Examiner argues, in the 
Response to Arguments section of the Final Action, that Gwertzman's database 
corresponds to the identity index in Appellant's claim because the database comprises 
logical names or virtual identities that in turn comprise the actual names of data 
structures. The Examiner is clearly incorrect. Gwertzman teaches that an entry in his 
database "includes a field indicating the path name to the storage mechanism associated 
with the logical name and the actual name of the data structure containing the desired 
property." Gwertzman's database entry also includes "a field containing a user identity 
for that storage mechanism or containing a property" (Gwertzman, column 7, lines 1-8). 
Thus, each entry in Gwertzman's database only includes a logical name, a path name (to 
the storage mechanism), the actual name of the data structure, and a user identity. 

In the Advisory Action, the Examiner refers to the DepObject and DepProp fields 
of Gwertzman. However, as shown above, Gwertzman teaches that DepObject and 
DepProp fields may be used to instantiate different programming objects that each refer 
to the same stored attribute. For instance, Gwertzman describes grouping users that all 
use the same background color by instantiating multiple objects (e.g. objects representing 
the user's background color preference) from an already instantiate object (Gwertzman, 
column 8, lines 28-42). Furthermore, Gwertzman's TABLE 1, cited by the Examiner, 
only includes a single instance of a DepObject and DepProp fields, not multiple 
instances, as suggested by the Examiner. Gwertzman's DepObject and DepProp fields 
clearly do not represent a plurality of information object identifiers, as erroneously 
asserted by the Examiner. 
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Anticipation requires the presence in a single prior art reference disclosure of each 
and every element of the claimed invention, arranged as in the claim , M.P.E.P 2131; 
Lindemann Maschinenfabrik GmbH v. American Hoist & Derrick Co., 221 USPQ 481, 
485 (Fed. Cir. 1984). The identical invention must be shown in as complete detail as is 
contained in the claims. Richardson v. Suzuki Motor Co., 9 USPQ2d 1913, 1920 (Fed. 
Cir. 1989). As Gwertzman does not disclose the particular structure of the identity index 
of Appellant's claimed invention, Gwertzman clearly does not anticipate Appellant's 
claims. 

Therefore, for at lease the reasons above, the rejection of claim 1 is clearly not 
supported by the cited art and removal thereof is respectfully requested. Similar remarks 
to those above regarding claim 1 also apply to independent claims 20 and 26, as they 
include similar limitations to those of claim 1. 

Claim 3 : 

Regarding claim 3, Gwertzman fails to disclose that the schema map maps a 
resource attribute from the resource to a virtual attribute defined by the schema map. In 
contrast, Gwertzman teaches the use of a schema that identifies the properties included 
within a user object on a server (Gwertzman, column 7, lines 51-65). For example, as 
Gwertzman describes, if an object includes phone numbers of users, the schema for that 
object may include an element stating: "phone numbers". Thus, rather than teaching a 
schema map that maps a resource attribute from a resource to a virtual attribute defined 
by the schema map, Gwertzman teaches a schema that describes what elements or 
properties are included in a user object. The Examiner cites column 9, lines 28-44 of 
Gwertzman. However, this portion of Gwertzman is not describing Gwertzman's 
schema. Instead, the cited passage is describing a Get Object function that "is used by an 
application to obtain an ADS object containing a user property." The cited passage does 
not even mention any sort of schema or schema map. Nor does it describe mapping a 
resource attribute to a virtual attributed defined by a schema map. 
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In response to the above arguments, the Examiner, in the Advisory Action, 
contends that Gwertzman's schema "defines elements that identify the properties 
included in each information object" and that an element in Gwertzman's schema is a 
virtual property or virtual attribute. However, as noted above Gwertzman clearly teaches 
that the elements of his schema indicate to an application developer that such information 
is available to access. Gwertzman does not teach a schema map that maps a resource 
attribute from the resource to a virtual resource attribute defined by the schema map. 
Instead, as shown above, Gwertzman's schema merely lists the properties of an object 
that are available for access. 

Thus, the rejection of claim 3 is not supported by the prior art and removal thereof 
is respectfully requested. 

Claim 7 : 

Regarding claim 7, Gwertzman fails to disclose the virtual identity corresponds to 
a user. The Examiner cites column 7, lines 14-17 of Gwertzman. However, the cited 
passage refers to user identification for a storage mechanism containing a property 
associated with a logical name. Specifically, Gwertzman teaches that a logical name is 
typically associated with a data structure containing a desired property and that uniquely 
identifies that data structure (column 6, lines 52-55). Gwertzman also teaches that the 
database entry associated with the logical name may include user identification 
information for accessing the storage mechanism that stored the data structure. Thus, the 
user identification information referred to by the Examiner at column 7, lines 14-17 is 
describing user identification required to access a storage mechanism associated with a 
logical name (e.g. virtual identity) and does not describe a logical name or virtual identity 
that corresponds to a user. 

Gwertzman further teaches that such user information is stored in the 
BindAsName and BindAsPassword entries of TABLE 1 . Gwertzman specifically states, 
[t]he BindAsName and BindAsPassword field[s] are used to tell the storage-mechanism 
interface the user credentials and passwords that are authentic for a particular storage 
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mechanism" and that "[w]ithout proper authentication, the requesting application cannot 
access the storage mechanism containing the desired user property" (column 8, lines 42- 
48). Thus, Gwertzman describes using user credentials to access storage mechanism 
storing desired properties (properties associated with a logical name) not that a logical 
name corresponds to a user. 

Claim 11 : 

Regarding claim 11, Gwertzman fails to disclose that the schema map maps a 
resource attribute from the resource to a virtual attribute defined by the schema map. In 
contrast, Gwertzman teaches the use of a schema that identifies the properties included 
within a user object on a server (Gwertzman, column 7, lines 51-65). For example, as 
Gwertzman describes, if an object includes phone numbers of users, the schema for that 
object may include an element stating: "phone numbers". Thus, rather than teaching a 
schema map that maps a resource attribute from a resource to a virtual attribute defined 
by the schema map, Gwertzman teaches a schema that describes what elements or 
properties are included in a user object. The Examiner cites column 9, lines 28-44 of 
Gwertzman. However, this portion of Gwertzman is not describing Gwertzman' s 
schema. Instead, the cited passage is describing a Get Object function that "is used by an 
application to obtain an ADS object containing a user property." The cited passage does 
not even mention any sort of schema or schema map. Nor does it describe mapping a 
resource attribute to a virtual attributed defined by a schema map. Please refer to the 
arguments above regarding claim 3 for a more detailed discussion regarding 
Gwertzman' s failure to disclose a schema map that maps a resource attribute from the 
resource to a virtual resource attribute defined by the.schema map. 

Claims 20-24 : 

Regarding claim 20, Gwertzman does not disclose an identity index that 
comprises a plurality of virtual identities each corresponding to a user , where each virtual 
identity includes a plurality of information object identifiers each corresponding to a 
respective information object, and for each information object, a resource name 
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identifying a resource at which the respective information object is located, wherein the 
resource name is associated with the respective information object identifier ; and wherein 
the identity index further comprises a resource definition corresponding to each 
respective named resource, wherein the resource definition further comprises connection 
information , as asserted by the Examiner. 

Gwertzman does not teach a data structure for an identity index as recited in 
Appellant's claims. In contrast, Gwertzman teaches "a storage-mechanism interface." In 
Gwertzman, "instead of having to indicate a path to the storage mechanism and the actual 
name of the data structure, the application developer needs only to call the data structure 
a logical name (e.g., 'foo') and the storage-mechanism interface takes care of properly 
locating and identifying the storage mechanism and the data structure (i.e., providing the 
actual name of the data structure)." Gwertzman - col. 6, lines 59-65. Gwertzman's 
storage-mechanism interface is a programmatic interface called by application developer 
code. An application developer using Gwertzman invention would only have to use the 
logical name for a data structure and Gwertzman's storage-mechanism interface uses the 
logical name as an index to look up the full path name in a database. 

Gwertzman does not teach virtual identities that correspond to users. Instead, 
Gwertzman teaches that a logical name, which the Examiner equates to a virtual identity, 
is associated with a data structure containing a desired property (column 6, lines 50-58). 
Gwertzman does not teach using virtual identities that correspond to users. Gwertzman 
teaches that a logical name is typically associated with a data structure containing a 
desired property and that uniquely identifies that data structure (column 6, lines 52-55). 
Gwertzman also teaches that the database entry associated with the logical name may 
include user identification information for accessing the storage mechanism that stored 
the data structure. Thus, the user identification information referred to by the Examiner 
at column 7, lines 14-17 is describing user identification required to access a storage 
mechanism associated with a logical name (e.g. virtual identity) and does not describe a 
logical name or virtual identity that corresponds to a user. 
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Gwertzman further teaches that such user information is stored in the 
BindAsName and BindAsPassword entries of TABLE 1. Gwertzman specifically states, 
[t]he BindAsName and BindAsPassword field[s] are used to tell the storage-mechanism 
interface the user credentials and passwords that are authentic for a particular storage 
mechanism" and that "[w]ithout proper authentication, the requesting application cannot 
access the storage mechanism containing the desired user property" (column 8, lines 42- 
48). Thus, Gwertzman describes using user credentials to access storage mechanism 
storing desired properties (properties associated with a logical name) not that a logical 
name corresponds to a user. 

Gwertzman also does not teach the particular data structure of an identity index 
that comprises a plurality of virtual identities that in turn comprises a plurality of 
information object identifiers each corresponding to a respective information object, and 
for each information object, a resource name identifying a resource at which the 
respective information object is located, wherein the resource name is associated with the 
respective information object identifier; and wherein the identity index further comprises 
a resource definition corresponding to each respective named resource, wherein the 
resource definition further comprises connection information. 

Additionally, each of the entries in Gwertzman' s database, which the Examiner 
equates to virtual identities, contains information regarding only a single logical name 
mapped to a single path name. The Examiner cites column 8, lines 28-30 and argues that 
Gwertzman's database entries may contain a plurality of information object identifiers. 
However, the cited passage is describing using the DepObject and DepProp fields of the 
configuration information in TABLE 1. Specifically, Gwertzman teaches that DepObject 
and DepProp fields may be used to "instantiate a second object using information 
obtained from a first, already instantiated object". Gwertzman is not describing anything 
about the entries in his database, which the Examiner equates to an identity index. 
Instead, Gwertzman is discussing a way to duplicate an already instantiated programming 
object, especially for use with grouping properties by cross-linking between two storage 
mechanisms (Gwertzman, column 8, lines 28-42). No mention is made, either at the 
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Examiner's cited passages or elsewhere, regarding a virtual identity that comprises a 
plurality of information object identifiers each corresponding to a respective information 
object. 

Furthermore, Gwertzman's database entries do not contain resource definitions. 
The Examiner cites column 8, lines 3-25 of Gwertzman and argues that TABLE 1 of 
Gwertzman includes connection information. However, TABLE 1 of Gwertzman 
illustrates information used to initialize an Objectlnfo object used as part of creating 
Gwertzman's storage-mechanism interface as a COM object. Gwertzman's TABLE 1 is 
not a part of Gwertzman's database. Nowhere does Gwertzman describe TABLE 1 as 
being part of, of as describing, the database, which the Examiner equates to an identity 
index. Instead, Gwertzman states that TABLE 1 defines configuration information 
utilized to initialize the storage-mechanism COM object (Gwertzman, column 7, line 67 - 
column 8, line 20). Since Gwertzman does not include connection information in 
resource definitions in the entries of his database, Gwertzman cannot be said to anticipate 
Appellant's claim 20. 

Please also refer to the arguments above regarding claim 1 as they also apply to 
claim 20. 

Anticipation requires the presence in a single prior art reference disclosure of each 
and every element of the claimed invention, arranged as in the claim . M.P.E.P 2131; 
Lindemann Maschinenfabrik GmbH v. American Hoist & Derrick Co., 221 USPQ 481, 
485 (Fed. Cir. 1984). The identical invention must be shown in as complete detail as is 
contained in the claims. Richardson v. Suzuki Motor Co., 9 USPQ2d 1913, 1920 (Fed. 
Cir. 1989). As Gwertzman does not disclose the particular structure of the identity index 
of Appellant's claimed invention, Gwertzman clearly does not anticipate Appellant's 
claims. 

Therefore, for at lease the reasons above, the rejection of claim 20 is clearly not 
supported by the cited art and removal thereof is respectfully requested. 
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Claim 25: 



Regarding claim 25, Gwertzman fails to disclose that the schema map maps a 
resource attribute from the resource to a virtual attribute defined by the schema map. In 
contrast, Gwertzman teaches the use of a schema that identifies the properties included 
within a user object on a server (Gwertzman, column 7, lines 51-65). For example, as 
Gwertzman describes, if an object includes phone numbers of users, the schema for that 
object may include an element stating: "phone numbers". Thus, rather than teaching a 
schema map that maps a resource attribute from a resource to a virtual attribute defined 
by the schema map, Gwertzman teaches a schema that describes what elements or 
properties are included in a user object. The Examiner cites column 9, lines 28-44 of 
Gwertzman. However, this portion of Gwertzman is not describing Gwertzman' s 
schema. Instead, the cited passage is describing a Get Object function that "is used by an 
application to obtain an ADS object containing a user property." The cited passage does 
not even mention any sort of schema or schema map. Nor does it describe mapping a 
resource attribute to a virtual attributed defined by a schema map. Please refer to the 
arguments above regarding claims 3 and 11 for a more detailed discussion regarding 
Gwertzman's failure to disclose a schema map that maps a resource attribute from the 
resource to a virtual resource attribute defined by the schema map. 

Claims 26-31 and 33 : 

Gwertzman does not disclose storing an identity index including a plurality of 
information object identifiers corresponding to a set of information objects that define a 
user , contrary to the Examiner's assertion. The Examiner cites column 7, lines 1-8 and 
lines 44-50. However, the cited passages only describe using user identification or 
credentials to access a data structure including a desired property. Gwertzman' s logical 
names correspond to the desired property. The cited passage does not describe a plurality 
of information object identifiers corresponding to a set of information objects that define 
a user. Specifically, Gwertzman teaches that a logical name is typically associated with a 
data structure containing a desired property and that uniquely identifies that data structure 
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(column 6, lines 52-55). Gwertzman also teaches that the database entry associated with 
the logical name may include user identification information for accessing the storage 
mechanism that stored the data structure. Thus, the user identification information 
referred to by the Examiner at column 7, lines 14-17 is describing user identification 
required to access a storage mechanism associated with a logical name (e.g. virtual 
identity) and does not describe a logical name or virtual identity that corresponds to a 
user. 

Gwertzman further teaches that such user information is stored in the 
BindAsName and BindAsPassword entries of TABLE 1 . Gwertzman specifically states, 
[t]he BindAsName and BindAsPassword field[s] are used to tell the storage-mechanism 
interface the user credentials and passwords that are authentic for a particular storage 
mechanism" and that "[w]ithout proper authentication, the requesting application cannot 
access the storage mechanism containing the desired user property" (column 8, lines 42- 
48). Thus, Gwertzman describes using user credentials to access storage mechanism 
storing desired properties (properties associated with a logical name) not that a logical 
name corresponds to a user. 

Gwertzman also fails to disclose associating a resource definition with each 
information object identifier, wherein each resource definition corresponds to a different 
one of a plurality of resources at which the information object corresponding to the 
associated information object identifier is located, and wherein each resource definition 
contains connection information for the corresponding resource. Gwertzman teaches that 
an entry in his database "includes a field indicating the path name to the storage 
mechanism associated with the logical name and the actual name of the data structure 
containing the desired property." Gwertzman's database entry also includes "a field 
containing a user identity for that storage mechanism or containing a property" 
(Gwertzman, column 7, lines 1-8). Thus, each entry in Gwertzman's database includes a 
logical name, a path name (to the storage mechanism), the actual name of the data 
structure, and a user identity. Thus, each of the entries in Gwertzman's database, which 
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the Examiner equates to virtual identities, contains information regarding only a single 
logical name mapped to a single path name. 

The Examiner cites column 8, lines 3-25 and argues that Gwertzman's database 
entries may contain a plurality of information object identifiers. However, the cited 
passage is describing using the DepObject and DepProp fields of the configuration 
information in TABLE 1. Specifically, Gwertzman teaches that DepObjects and 
DepProp fields may be used to "instantiate a second object using information obtained 
from a first, already instantiated object". Gwertzman is not describing anything about the 
entries in his database, which the Examiner equates to an identity index. Instead, 
Gwertzman is discussing a way to duplicate an already instantiated programming object, 
especially for use with grouping properties by cross-linking between two storage 
mechanisms (Gwertzman, column 8, lines 28-42). No mention is made, either at the 
Examiner's cited passages or elsewhere, regarding a virtual identity that comprises a 
plurality of resources at which an information object is located. 

Therefore, for at lease the reasons above, the rejection of claim 26 is clearly not 
supported by the cited art and removal thereof is respectfully requested. 

Claim 32 : 

Regarding claim 32, Gwertzman fails to disclose that the schema map maps a 
resource attribute from the resource to a virtual attribute. In contrast, Gwertzman teaches 
the use of a schema that identifies the properties included within a user object on a server 
(Gwertzman, column 7, lines 51-65). For example, as Gwertzman describes, if an object 
includes phone numbers of users, the schema for that object may include an element 
stating: "phone numbers". Thus, rather than teaching a schema map that maps a resource 
attribute from a resource to a virtual attribute, Gwertzman teaches a schema that 
describes what elements or properties are included in a user object. The Examiner cites 
column 9, lines 28-44 of Gwertzman. However, this portion of Gwertzman is not 
describing Gwertzman's schema. Instead, the cited passage is describing a Get Object 
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function that "is used by an application to obtain an ADS object containing a user 
property." The cited passage does not even mention any sort of schema or schema map. 
Please refer to the arguments above regarding claims 3 and 11 for a more detailed 
discussion regarding Gwertzman's failure to disclose a schema map that maps a resource 
attribute from the resource to a virtual resource attribute. 



For the foregoing reasons, it is submitted that the Examiner's rejection of claims 
1-4, 6-12 and 14-33 was erroneous, and reversal of his decision is respectfully requested. 

The Commissioner is authorized to charge the appeal brief fee of $500.00 and any 
other fees that may be due to Meyertons, Hood, Kivlin, Kowert, & Goetzel, P.C. Deposit 
Account No. 501505/5681-96802/RCK. This Appeal Brief is submitted with a return 
receipt postcard. 
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VIII. CONCLUSION 
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Robert C. Kowert 
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IX. CLAIMS APPENDIX 



The claims on appeal are as follows. 

1 . A system for managing information comprising: 

a software program stored on a computer-readable medium operable to maintain 
an identity index, wherein said identity index comprises: 

a virtual identity further comprising: 

a plurality of information object identifiers each corresponding to a 
respective information object; and 

for each information object, a resource name identifying a resource 
at which said respective information object is located, 
wherein said resource name is associated with said 
respective information object identifier; and 

a resource definition corresponding to each respective said named 
resource, wherein the resource definition further comprises 
connection information. 

2. The system of claim 1, wherein said resource definition further comprises 
a schema map. 

3. The system of claim 2, wherein said schema map maps a resource attribute 
from said resource to a virtual attribute defined by said schema map. 

4. The system of claim 3, wherein a virtual attribute value for said virtual 
attribute is stored in RAM. 
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6. The system of claim 1, wherein said set of connection information 
contains a connection parameter selected from one of a hostname, a port, a resource 
username, a resource password or a resource type. 

7. The system of claim 1, wherein said virtual identity corresponds to a user. 

8. The system of claim 1, wherein said information object comprises a user 
account. 

9. The system of claim 8, wherein said information object identifier 
comprises an account name. 

10. The system of claim 8, wherein said resource definition further comprises 
a schema map. 

11. The system of claim 10, wherein said schema map maps a resource 
attribute from said resource to a virtual attribute defined by said schema map. 

12. The system of claim 11, wherein a virtual attribute value for said virtual 
attribute is maintained in RAM. 

14. The system of claim 8, wherein said set of connection information 
contains a connection parameter selected from one of a hostname, a port, a resource 
username, a resource password or a resource type. 

15. The system of claim 8, wherein said resource is one of a Unix system, a 
Windows NT system, a Oracle database system or an email server. 

16. The system of claim 1, wherein said software program is operable to 
connect to said resource based on said resource definition. 
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17. The system of claim 1, wherein said resource definition further comprises 
a schema map; and 

wherein, said software program is operable to create a composite view of said 
virtual identity based on said schema map. 

18. The system of claim 17, wherein said software program is operable to 
present a representation of said composite view in a graphical user interface. 

19. The system of claim 18, wherein said graphical user interface is 
customizable. 



20. A system for managing information comprising: 

a software program stored on a computer-readable medium operable to maintain 
an identity index, wherein said identity index comprises: 

a plurality of virtual identities, wherein each virtual identity corresponds 
to a user, and wherein each virtual identity further comprises: 

a plurality of information object identifiers, wherein each 
information object identifier corresponds to a respective 
information object; and 

a plurality of resource names, wherein each resource name is 
associated with an information object identifier and each 
resource name corresponds to a resource at which the 
information object corresponding to the associated 
information object identifier is located; and 
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a plurality of resource definitions comprising a resource definition for 
each named resource, wherein each resource definition comprises 
connection information for the corresponding named resource. 

21. The system of claim 20, wherein each resource definition further 
comprises a schema map. 

22. The system of claim 20, wherein each information object comprises a user 
account. 

23. The system of claim 22, wherein each information object identifier 
comprises and account name. 

24. The system of claim 23, wherein each resource definition further 
comprises a schema map. 

25. The method of claim 24, wherein each said schema map maps a resource 
attribute to a virtual attribute. 

26. A method of managing information comprising: 

storing an identity index comprising a plurality of information object identifiers 
corresponding to a set of information objects that define a user; 

associating a resource definition with each information object identifier, wherein 
each resource definition corresponds to a different one of a plurality of 
resources at which the information object corresponding to the associated 
information object identifier is located, and wherein each resource 
definition contains connection information for the corresponding resource. 



1 0/006,089 (568 1 -96802/SUN0407 1 2) 



22 



Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C. 



27. The method of claim 26, wherein each information object identifier from 
said set of information object identifiers comprises a native key for the corresponding 
information object. 

28. The method of claim 27, wherein said native key comprises an account 

name. 

29. The method of claim 26, wherein the step of associating at least one of a 
set of resource definitions with each information object identifier further comprises 
associating at least one resource name with each information object identifier. 

30. The method of claim 26, wherein each information object comprises a user 
account. 

31. The method of claim 26, wherein each resource definition further 
comprises a schema map. 

32. The method of claim 31, wherein said schema map maps a resource 
attribute to a virtual attribute. 

33. The method of claim 31, further comprising creating a composite view of 
a user based on said schema map from each resource definition. 
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X. EVIDENCE APPENDIX 

No evidence submitted under 37 CFR §§ 1.130, 1.131 or 1.132 or otherwise 
entered by the Examiner is relied upon in this appeal. 
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XI. RELATED PROCEEDINGS APPENDIX 

There are no related proceedings. 



1 0/006,089 (568 1 -96802/SUN0407 1 2) 



25 



Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C. 



